Paper 2015/977
Faster point scalar multiplication on NIST elliptic curves over GF(p) using (twisted) Edwards curves over GF(p³)
Michał Wroński
Abstract
In this paper we present a new method for fast scalar multiplication on elliptic curves over GF(p) in FPGA using Edwards and twisted Edwards curves over GF(p³). The presented solution works for curves with prime group order (for example, for all NIST curves over GF(p)). This is possible because 2-isogenous twisted Edwards curves over GF(p³) are used for point scalar multiplication instead of short Weierstrass curves over GF(p). This problem was considered by Verneuil in [1], but the approach is useless in software, because multiplication in GF(p³) is much harder than multiplication in GF(p). Fortunately, in hardware it is possible to implement fast multiplication in GF(p³) in FPGA using parallel computations. A single multiplication in GF(p³) is still slightly slower than in GF(p), but operations on twisted Edwards curves require fewer multiplications than operations on short Weierstrass curves. As a result, scalar multiplication on a twisted Edwards curve may in some situations be up to 26% shorter than scalar multiplication on a short Weierstrass curve. Moreover, Edwards and twisted Edwards curve arithmetic allows a unified formula (the same formula for point addition and point doubling), which protects against some kinds of side-channel attacks. We also present a full coprocessor for fast scalar multiplication in FPGA using the described techniques.
Metadata
- Category
- Implementation
- Publication info
- Preprint. MINOR revision.
- Keywords
- Edwards curves, Twisted Edwards curves, Finite Fields, Point scalar multiplication
- Contact author(s)
- mwronski @ wat edu pl
- History
- 2015-10-12: received
- Short URL
- https://ia.cr/2015/977
- License
- CC BY
BibTeX
@misc{cryptoeprint:2015/977,
  author = {Michał Wroński},
  title = {Faster point scalar multiplication on {NIST} elliptic curves over {GF}(p) using (twisted) Edwards curves over {GF}(p³)},
  howpublished = {Cryptology {ePrint} Archive, Paper 2015/977},
  year = {2015},
  url = {https://eprint.iacr.org/2015/977}
}